CLAIMS:

What is claimed is: 

1. A method for central storage and retrieval of user
passwords in a computer network, comprising: 

entering network user ID and password information 
into a central database; 

registering network applications and their 
associated passwords with a LDAP server;

receiving user ID and password data from an 
application login; 

identifying the registered application and sending 
the user ID and password to the LDAP server;

retrieving the application's associated password;

authenticating the user password; 

sending a response from the LDAP server back to the 
application; and 

granting access to the application only if the 
authentication is verified.

2. The method according to claim 1, wherein the step of 
receiving a user ID and password from an application 
login further comprises: 

encrypting the user ID and password and sending them
to a secure layer before the application is identified;
and 

decrypting the user password in the LDAP server 
before retrieving the application's password. 

3. The method according to claim 1, further comprising, 
if authentication is not verified, allowing the user to 
submit a new user ID and password.



4. The method according to claim 1, further comprising 
setting one password attribute, wherein the value of the 
password attribute is set to a referral object where all
passwords and associated applications for the user are 
stored. 



5. The method according to claim 1, further comprising:

storing the application password as a multiple-value
attribute; and

comparing the password provided by the user against 
all passwords to determine the right to access the 
desired application. 

6. The method according to claim 1, further comprising 
using a single LDAP command to modify and manage all of a 
network user's accounts. 



7. A computer program product in a computer readable
medium for use in a data processing system, for central 
storage and retrieval of user passwords in a computer 
network, the computer program product comprising:

instructions for entering network user ID and
password information into a central database;

instructions for registering network applications 
and their associated passwords with a LDAP server; 

instructions for receiving user ID and password data 
from an application login;

instructions for identifying the registered
application and sending the user ID and password to the
LDAP server;

instructions for retrieving the application's
associated password;

instructions for authenticating the user password; 

instructions for sending a response from the LDAP 
server back to the application; and 

instructions for granting access to the application 
only if the authentication is verified. 

8. The computer program product according to claim 7, 
wherein the instructions for receiving a user ID and 
password from an application login further comprises: 

instructions for encrypting the user ID and password 
and sending them to a secure layer before the application 
is identified; and 

instructions for decrypting the user password in the 
LDAP server before retrieving the application's password. 

9. The computer program product according to claim 7, 
further comprising, if authentication is not verified, 
instructions for allowing the user to submit a new user 
ID and password. 

10. The computer program product according to claim 7, 
further comprising instructions for setting one password 
attribute, wherein the value of the password attribute is 
set to a referral object where all passwords and 
associated applications for the user are stored. 

11. The computer program product according to claim 7, 
further comprising:

instructions for storing the application password as 
a multiple-value attribute; and

instructions for comparing the password provided by
the user against all passwords to determine the right to 
access the desired application. 

12. The computer program product according to claim 7, 
further comprising instructions for using a single LDAP 
command to modify and manage all of a network user's 
accounts.

13. A system for central storage and retrieval of user
passwords in a computer network, comprising: 

means for entering network user ID and password 
information into a central database; 

means for registering network applications and their 
associated passwords with a LDAP server; 

means for receiving user ID and password data from 
an application login; 

means for identifying the registered application and 
sending the user ID and password to the LDAP server; 

means for retrieving the application's associated 
password; 

means for authenticating the user password; 

means for sending a response from the LDAP server 
back to the application; and 

means for granting access to the application only if 
the authentication is verified. 

14. The system according to claim 13, wherein the means 
for receiving a user ID and password from an application 
login further comprises: 

means for encrypting the user ID and password and 
sending them to a secure layer before the application is 
identified; and

means for decrypting the user password in the LDAP 
server before retrieving the application's password. 

15. The system according to claim 13, further
comprising, if authentication is not verified, means for
allowing the user to submit a new user ID and password. 

16. The system according to claim 13, further comprising 
means for setting one password attribute, wherein the
value of the password attribute is set to a referral 
object where all passwords and associated applications 
for the user are stored. 

17. The system according to claim 13, further
comprising:

means for storing the application password as a 
multiple-value attribute; and 

means for comparing the password provided by the 
user against all passwords to determine the right to
access the desired application. 

18. The system according to claim 13, further comprising 
means for using a single LDAP command to modify and 
manage all of a network user's accounts.



